Fix permissions to see group applications

Alex requested to merge 1934-fix-application-permissions into master

Closes #1934 (closed)

What does this MR do?

Makes sure that frontend and backend are using the same permissions. The working group page attempts to load the applications to the group, but the frontend is trying that even if it is not allowed to. The backend is using WorkGroupPermissions:mayEdit (see https://gitlab.com/foodsharing-dev/foodsharing/-/blob/master/src/RestApi/ApplicationRestController.php#L121-121), while the frontend used ForumPermissions:mayAccessAmbassadorBoard. I'm guessing that these don't always return the same result for all people.

How confident are you it won't break things if deployed?

I'm not absolutely sure if this will fix the error, but it won't make anything worse. After all, WorkGroupPermissions:mayEdit is the one that makes more sense.

Links to related issues

How to test

Screenshots (if applicable)

Checklist

  • added a test, or explain why one is not needed/possible...
  • no unrelated changes
  • asked someone for a code review
  • set a "for:" label to indicate who will be affected by this change
  • set the "API change" label if changes in the API are not backward compatible
  • added to the next milestone (see https://gitlab.com/foodsharing-dev/foodsharing/-/milestones, unless it has a "for:Dev" label)
  • added an entry to CHANGELOG.md
  • added a short text in the release notes to /release-notes/YYYY-MM.md
  • Once your MR has been merged, you are responsible for creating a testing issue in the Beta Testing forum: https://foodsharing.de/region?bid=734&sub=forum. Please change the MR's label to "state:Beta testing".
    • Consider writing a detailed description in German.
    • Describe in a few sentences what should be tested from a user perspective.
    • Also mention different settings (e.g. different browsers, roles, ...) in which this change can be tested.
    • Be aware that non-technical people should also be able to understand it.

Edited by Anton Ballmaier